Network News Break: Microsoft Backs a New Way to Slam Spam

Network News Break is Crossnodes' daily summary of networking news, served up fresh daily. Please send your comments and suggestions to the editor.

Yesterday
we touched briefly on the presence of a growing galaxy of standards
where the battle against spam is concerned. It's probably a good
comment on the ever-changing and early days nature of this battle that
with the dawn came a new wrinkle: After a week of
discussions, Microsoft and the creator of the Sender Policy
Framework (SPF) have come to an agreement about a merger of SPF with
Microsoft's own Caller ID for E-Mail.

Up to this point, we had some serious reservations about SPF.
Because it depends primarily on a minor modification to DNS records,
it has the advantage of relative simplicity, but it provides little
protection against so-called phishing attacks, whereby a malicious
spammer with access to a perfectly legitimate (and SPF-respecting)
domain could still send a mail that represented itself as coming from
somewhere it didn't via manipulation of headers that SPF doesn't
concern itself with.

Our other concern is a shortcoming with SPF where mail forwarding is
concerned. There are workarounds, but they don't work as well as
Yahoo's proposed DomainKeys standard.

With the proposed merger of the two standards, SPF will adopt both
a new, XML-based configuration (though the merged standard will honor
servers with older configurations) and it will gain the ability to
assess the headers of a mail, and not just the SMTP envelope.
Consequently, a mail coming from joeschmoe.com will need to represent
itself as such in any reply-to or from headers as well.

So what's this mean for the harried admin trying to staunch the
flow of spam? For starters, it means SPF might be around for a while: It's got Microsoft in its corner. One of two major
shortcomings (the lack of analysis of "from" headers) has been
addressed, and the second (broken forwarding) can be dealt with, even
if it's not perfect.

There's no reason to not at least try a test implementation of
SPF. With an installed base of thousands of servers, including
heavyweights like AOL, Google, Earthlink, W3.org, Symantec, and
Ticketmaster, you'll be stepping into a sizable community of
relatively stable networks already using SPF.

» What better 20th birthday present to
give yourself than a $450,000 router? Cisco is rolling
out what it previously code-named the HFR, (huge, fast router) and
now calls the more staid "Cisco CRS-1 Carrier Routing System."
Whatever the designation, it's impressive. The CRS-1 has an upward
capacity of 92 terabits per second. Early testers have included
Spring, AOL, and Verizon.

» We were interested to note a startling
statistic from Comcast: The company reports that of the 800
million e-mail messages a day leaving its domain, about 100 million
pass through its official servers, and 700 million are largely spam
and viral mail from so-called "zombies," machines that are passing
e-mail without their owners even realizing it. The cost of merely
blocking port 25, says Comcast, would run upwards of $58 million due
to notification and support costs. So the company's looking instead
at selective blocking of port 25 on identified zombie machines via
remote reconfiguration. The owners, if they are running zombie
machines, will presumably never notice, and the rest of us will get a
break from machines capable of sending hundreds of thousands of spams
a day while the owner remains blissfully unaware.

"ISA Server 2004, which comes in two editions -- Standard and
Enterprise -- is a combination application layer firewall, virtual
personal network (VPN) and Web caching repository. It can be used to
perform deep inspection of Internet protocols to detect threats that
traditional firewalls might miss."

WiMAX is slated to provide high-speed connectivity over distances that
dwarf 802.11's effective range. Of course, it also promises to keep
things interesting for network administrators just coming to grips
with Wi-Fi.

If your CIO hasn't come to chat about archiving and storage, brace
yourself: the message storage outlook for many companies is a little
rocky. Also: battling message authentication standards, and a boost in
NAS capabilities from Microsoft provokes some products from Iomega.